RSA 2013: What You Need to Know

SecurityWatch is busy preparing our schedules for next week's 2013 RSA Conference in San Francisco. One of the major security conferences of the year, RSAC is a massive show, with vendors making major product announcements, researchers showing off some of their latest work, and everyone talking about security, privacy, and all the things in between.

SecurityWatch is busy preparing for next week's 2013 RSA Conference (RSAC) in San Francisco. One of the major security conferences of the year, RSAC is a massive show, with vendors making major product announcements, researchers showing off some of their latest work, and everyone talking about security, privacy, and all the things in between.

It's overwhelming and the show just gets bigger and bigger each year. SecurityWatch spoke with RSA Conference Program Chair Dr. Herbert (Hugh) Thompson to get the low-down on the conference and what attendees should expect.

A Big Show Just Got Even BiggerThere were a record number of papers and talks submitted to the show this year, and it was a challenge to narrow them down to the final list, Thompson said. Even so, the conference this year boasts more than 200 sessions and panels. By shortening the length of the sessions from previous years, the conference this year was able to add "more content in each track and there are many interesting things to see," Thompson said.

Some Sessions to Check OutInnovation Sandbox showcases security startups, and is a great place to check out some of the upcoming security companies. Last year's winner, Appthority is growing fast and will be discussing iOS security at the conference. On Monday afternoon, the 10 finalists will get to make their final pitches in hopes of claiming top honors as the "Most Innovative Company." The competition follows the "Shark Tank-format and is a lot of fun," according to Thompson.

The expo floor is always packed, and we will be on the lookout for fun things happening at the booths. We will be on the lookout for the flight simulator, too.

Charlie Miller, security researcher extraordinaire and a member of Twitter's product security team, will be talking about different kinds of mobile attacks this year, "separating the hype from reality." He will also be on a panel with Accuvant's Zach Lanier, Trail of Bits' Dino Dai Zovi, and IOActive's Tiago Assumpcao discussing the strengths and weaknesses of various mobile platforms.

The Human Element track will focus on targeted attacks such as spear-phishing and how attackers are using various tools to mine information about their victims. Security Mashups has "fringe" talks and "fun stuff," such as a discussion on physical security titled "Life as Eminem's Bodyguard." "I don't think Eminem will be there, though," Thompson said.

There are also two sessions discussing last year's attack against Wired writer Mat Honan. Why two? Password security is an evergreen topic, and everyone is tired of talking about setting strong passwords and how we need something better than passwords. When Honan lost control of his accounts, "it resonated with a lot of people and people paid attention," Thompson said.

Cloud Got DisplacedEach year, there are a few buzzwords that we hear repeatedly, (we predict that everyone will be talking about "passwords," "China," and "Mandiant" this year) and for the past few years, "cloud" was always in the top three. Not this year, as "the cloud got displaced," Thompson said. The focus this year, if the presentations are any indication, is on mobile and analytics. Mobile is popping up in various tracks, such as those related to malware, new research, and in bring-your-own-device discussions.

The cloud has also grown up, Thompson noted. In previous years, the topics tended to veer along the lines of "the dangers of cloud," but now the cloud-related sessions are more operational and more specific. The discussions are about how to use the cloud, how to successfully complete an audit if you use the cloud, and how to handle identity and access control in the cloud, Thompson said.

Keep Up With UsThis year, the entire SecurityWatch team will be at Moscone Center in San Francisco, prowling the expo floor, chatting with vendors new and established, and frantically taking notes as researchers talk about their latest projects. We will be regularly posting updates here on SecurityWatch, as well as posting on Twitter. Follow @SecurityWatch for RSAC coverage, and Neil Rubenking (@neiljrubenking), Fahmida Y. Rashid (@zdFYRashid) and Max Eddy (@wmaxeddy) for everything else. All the posts will be also available on the Show Reports page.

About the Author

Fahmida Y. Rashid is a senior analyst for business at PCMag.com. She focuses on ways businesses can use technology to work efficiently and easily. She is paranoid about security and privacy, and considers security implications when evaluating business technology. She has written for eWEEK, Dark Reading, and SecurityWeek covering security, core Inte... See Full Bio

Get Our Best Stories!

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.